Lucene search
China National Vulnerability DatabaseCNVD-2023-78309HistoryOct 17, 2023 - 12:00 a.m.
Medicine Tracker System Cross-Site Scripting Vulnerability
2023-10-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
medicine tracker system
carlo montero
cross-site scripting
vulnerability
filtering
escaping
user-supplied data
parameter page
index.php
exploitation
arbitrary web script
html
payload
security advisory
Medicine Tracker System is a medication tracking system by Carlo Montero personal developer. Medicine Tracker System v1.0 suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter page of the file index.php, which can be exploited by an attacker to execute arbitrary web script or HTML by injecting a carefully crafted payload.
| CPE | Name | Operator | Version |
|---|---|---|---|
| medicine tracker system medicine tracker system | eq | 1.0 |
Related
cve
cve
CVE-2023-5581
2023-10-14 13:15:09
cvelist
cvelist
nvd
nvd
CVE-2023-5581
2023-10-14 13:15:09
prion
prion
Cross site scripting
2023-10-14 13:15:00
vulnrichment
vulnrichment